GNSS Location Verification in Connected and Autonomous Vehicles Using in-Vehicle Multimodal Sensor Data Fusion

Connected and Autonomous Vehicles (CAVs) rely on Global Navigation Satellite Systems (GNSS), e.g., the Global Positioning System (GPS), for the provision of accurate location information for various functionalities including Vehicle-to-Vehicle/Infrastructure (V2V/V2I) communication and self-navigation. However, GNSS-based location awareness is prone to spoofing attacks, where the attacker generates counterfeit satellite signals. This in turn poses a serious threat to the CAV, e.g., car, drone, etc., as well as the surrounding entities. Thus, this threat needs to be detected reliably and mitigated timely to prevent undesired consequences (e.g., damages, casualties, etc.). To this end, this work proposes a location verification solution that leverages in-vehicle sensor readings (e.g., accelerometer, etc.) and Signals of Opportunity (SoO), as an alternative source of location information. In particular, the multimodal sensor data with SoO location measurements are fused by means of a Kalman filter and the estimated fusion-based location is used to verify the location output of the GPS receiver. In case the GPS location deviates considerably from the fusion-based location, then a location spoofing attack is ascertained. Preliminary experimental results with real GPS and sensor data collected with a drone demonstrate the effectiveness of the proposed approach.


INTRODUCTION
As Connected and Autonomous Vehicle (CAV) technology develops, satellite signal jamming and location spoofing attacks will pose a serious threat with a significant impact on the operation of the CAV, including disruptions in Vehicle-to-Vehicle/Infrastructure (V2V/V2I) communication and navigation.
Currently, CAV navigation systems fundamentally rely on GNSS for location awareness. However, GNSS signals are prone to spoofing attacks and may become unreliable, presenting serious hazards for the vehicle and its surrounding entities. Therefore, these shortfalls need to be addressed by techniques that can timely detect spoofing attacks, so as to prevent any undesired consequences of such attacks. Existing works, e.g., [1], focused on providing an accurate location of autonomous vehicles by proposing a position spoofing attack prevention method based on an ad-hoc network of vehicles. It was shown, through simulations, that the proposed scheme could achieve acceptable performance, based on the collaboration between autonomous vehicles to prevent possible spoofing attacks. To our knowledge, there is no solution currently that uses data collected in-situ, i.e., at a vehicle without any collaboration with neighbouring vehicles, for detecting location spoofing attacks.
To this end, this work introduces a location verification solution that combines in-vehicle sensor readings, e.g., data that are readily available from a car's Controller Area Network (CAN) bus, such as speed, direction, odometry data, etc., and SoOs that are ubiquitous in the environment, as an alternative source of location information. The multimodal sensor data and SoOs are fused using a Kalman filter algorithm, while the fusionbased estimated location is used to detect location spoofing attacks targeting the GNSS location. In case the proposed location verification solution identifies that the GNSS location deviates from the fusion-based location, then a possible spoofing attack is detected. Overall, the contributions of this work are summarized as follows: • An innovative and low-cost location spoofing detection solution is proposed that does not require any information exchange with surrounding vehicles. • The proposed solution is validated using real GPS and sensor data collected outdoors with a drone and emulating various spoofing attack scenarios. The rest of this paper is structured as follows. GPS-free localization using SoOs is outlined in Section 2. The attack detection mechanism in the proposed solution is described in Section 3. Section 4 evaluates the performance of the attack detection solution and presents experimental results, while concluding remarks and directions for future research are provided in Section 5.

GPS-FREE LOCALIZATION
As technology evolves towards higher levels of automation, a stable and precise navigation system is becoming an absolute necessity for reliable and efficient navigation [2]. However, GNSS signals frequently become unavailable in the presence of interference (including jamming or spoofing) [3], [4], leading to the exploration of alternative methods for localization, such as SoOs [5]. A Relative Position System (RPS) that relies on SoOs has been presented in our previous work [7] and the proposed localization methodology is illustrated in Figure 1a. Initially, the physical distance between the transmitters sensed in the environment (e.g., radio, TV, Wi-Fi, LTE) and the CAV is computed (using a log-normal signal propagation model). This is necessary to estimate the vehicle's position employing a multilateration method using the estimated positions prior to the loss of GPS information. Multilateration is a conventional method to calculate the unknown location of a receiver node as discussed in [6], [7]. An Extended Kalman Filter (EKF) is then employed in a multimodal fusion approach to derive the vehicle's refined location and the measured vehicle system state at time . First, the vehicle's state at time is predicted following the adopted vehicle motion model [8]. Subsequently, the predicted position is updated with the estimated SoO-based position to obtain, at each timestamp, the GPS-free vehicle's location .
In this way, a smooth location trajectory can be obtained for the vehicle through the EKF. This work builds upon the RPS solution to output an estimated location data stream for the moving vehicle that is then compared to the GPS location data stream to detect possible location spoofing attacks. Note that the original RPS approach [7] provides relative location coordinates; however, these can be straightforwardly transformed to global coordinates (i.e., using the GPS location prior to the attack), so that the estimated location can be compared directly with the GPS location . a) b) Figure 1: a) Block diagram of the Relative Position System [7]; b) Proposed attack detection scheme.

ATTACK DETECTION
This section describes how the estimated location data can be utilized for detecting GPS location spoofing attacks. The attack detection mechanism, shown in Figure 1b, takes as inputs the vehicle's estimated location and the corresponding GPS location . In our baseline proof-of-concept implementation, firstly the Euclidean distance is computed, i.e., the deviation between the two locations. Then, it is checked whether this distance exceeds a predetermined threshold , i.e., if the condition is satisfied, and in this case an attack is detected.
There are various methodologies to set the detection threshold and in the following a simple empirical approach is described for selecting a proper value. Assuming that for an initial time period no attack is present while the vehicle is moving, a time series of locations and is collected, where denotes the number of location samples. Next, the associated distance errors , are computed, and based on the values the detection threshold can be selected. This is exemplified in Figure 2a, which depicts the curve for . Even though can be set to any value (e.g., = max( ), ), there is a performance tradeoff later during operation with respect to the correct and false detections in the presence of attacks. On the one hand, if a very low value is selected, then our solution would probably detect all attempts for spoofing the GPS locations; however, the number of false detections when no attack is present would be rather high, thus rendering the proposed solution ineffective. On the other hand, setting to a very high value would decrease the number of false alarms at the expense of increased misdetections, i.e., actual attacks that go undetected, which would degrade the overall detection accuracy. In this work, is defined as the -th percentile of the distance errors in increasing order. b) The cumulative distribution function of .

PERFORMANCE EVALUATION
A number of experiments utilizing real GPS location information were conducted to validate the proposed approach. Initially, we introduce the attack model that is used to emulate the location spoofing attack for generating spoofed GPS location data from the original GPS data. In particular, in this work it is assumed that the attacker can inject random noise to disturb the original GPS data. In this sense, the received GPS signal is denoted as , , where and are the mean vector and covariance matrix of the Gaussian noise. This is a reasonable model that is capable to capture location spoofing attacks where a naïve attacker can inject white noise to randomly perturb the legitimate GPS readings (i.e., and ) or a smart attacker may introduce a small constant bias to the GPS locations (i.e., and ), so as to gradually steer the vehicle off course, while avoiding detection. Such attacks are feasible when the attacker is within a range of a few tens of meters from the target vehicle with relatively cheap commercial off-the-shelf equipment, i.e., Software Defined Radio (SDR) hardware, amplifier, and antenna, combined with open-source SDR software. In this work, for the collection of the data required for our performance evaluation, a field experiment was initially carried out using various transmission bands and utilizing the proposed RPS [7]. One broadband antenna was mounted on an SDR module on a drone to acquire SoOs over a large frequency spectrum (via HackRF-one SDR) and following a predefined path. The collected dataset contains 30 samples of GPS locations, velocity, orientation, and acceleration that was subsequently stored in an SQL database and then the samples were provided as input to the proposed attack detection solution.
The performance was assessed using a number of metrics, namely Detection Rate ( ), Misdetection Rate ( ), and False Detection Rate ( ) that are defined as , , and . Initially, the detection threshold was set as the 90-th percentile of the distance error in the attack-free scenario and in this case =32 meters, as shown in Fig. 2b. a) b) Figure 3

. Drone trajectory of spoofed (blue), estimated (yellow), and original GPS (red) locations. (a) Scenario with second half of the GPS locations altered and (b) Scenario with a subset of GPS locations (5 at the start and 5 at the end of the trajectory) altered.
Two different scenarios are examined (see Fig. 3), where specific subsets of the GPS locations are disturbed as a result of the spoofing attack. The attacked GPS locations were emulated using the attack model described above and adding Gaussian noise with meters and , where =3 meters is the perturbation in each location coordinate. In the first scenario (Fig. 3a), the second half of the GPS locations (i.e., 15 out of 30 locations) were attacked and the results in Fig. 4a indicate that =92% and consequently =8%. In this case, 2 false attack detections were observed in the remaining 15 attack-free locations, i.e., =13.3%. In the second scenario (Fig. 3b), a subset of the GPS locations were attacked (5 at the start and 5 at the end) and the results in Fig. 4a illustrate that =90% and =10%. In this case 3 false attack detections were observed in the remaining locations that were not attacked leading to =15%. Moreover, Fig. 4b illustrates that a different value of , i.e., =22 that corresponds to the 60-th percentile of , can alter the attack detection performance =100%, but with 6 false attack detections observed in the remaining 15 locations that were not attacked, i.e., =40%. In the second scenario (Fig. 3b), the results in Fig. 4b illustrate that =100% and =45% with 9 false attack detections in the remaining 20 locations. a) b) Figure 4. Performance evaluation in terms of the DR, MR, and FDR metrics: a) Using the 90-th percentile of as the detection threshold and b) Using the 60-th percentile of as the detection threshold.

CONCLUSIONS
In this work, an innovative and low-cost attack detection mechanism is presented that can be utilized as an efficient solution against malicious location spoofing attacks on autonomous vehicles. The proposed solution is modular as the RPS module can be substituted with any other positioning solution that provides the absolute location of the vehicle, e.g., using on-board camera and LIDAR sensor information or traditional localization solutions based on wireless networks. We validated our solution through experiments with real data that were used to emulate realistic scenarios of location spoofing attacks, while the preliminary results demonstrate the effectiveness of the proposed approach in detecting location spoofing attacks reliably. Ongoing work includes exploring the applicability of the attack detection solution in autonomous cars (in the context of the H2020 CARAMEL project), first by using artificial data generated with the CARLA simulator, and then by integrating and testing the solution using the autonomous car platform provided by Panasonic Automotive.
Future work includes the application of the Unscented Kalman Filter (UKF), instead of the EKF, to address the inherent non linearities in the car mobility and measurements models, thus improving the data fusion and the accuracy of the vehicle's estimated location. Finally, adaptive techniques for dynamically adjusting the threshold according to the current conditions in the field (e.g., varying accuracy of the GPS in urban setups) will be investigated to improve the robustness of attack detection and increase applicability in real-life scenarios.